wok-stable: glibc/stuff/glibc-2.13-CVE-2015-0235.patch annotate

wok-stable annotate glibc/stuff/glibc-2.13-CVE-2015-0235.patch @ rev 12447

glibc: CVE-2015-0235 fix (again)

author	Pascal Bellard <pascal.bellard@slitaz.org>
date	Thu Jan 29 13:01:13 2015 +0100 (2015-01-29)
parents	18a6783e147f
children	2b274e36aea3

rev	line source
pascal@12445	1 CVE-2015-0235 GHOST
pascal@12445	2 From https://sourceware.org/git/?p=glibc.git;a=commit;h=d5dd6189d506068ed11c8bfa1e1e9bffde04decd
pascal@12445	3 --- glibc-2.13/nss/digits_dots.c
pascal@12445	4 +++ glibc-2.13/nss/digits_dots.c
pascal@12445	5 @@ -47,7 +47,10 @@
pascal@12445	6 {
pascal@12445	7 if (h_errnop)
pascal@12445	8 *h_errnop = NETDB_INTERNAL;
pascal@12445	9 - *result = NULL;
pascal@12445	10 + if (buffer_size == NULL)
pascal@12445	11 + *status = NSS_STATUS_TRYAGAIN;
pascal@12445	12 + else
pascal@12445	13 + *result = NULL;
pascal@12445	14 return -1;
pascal@12445	15 }
pascal@12445	16
pascal@12447	17 @@ -90,8 +93,9 @@
pascal@12445	18 {
pascal@12445	19 if (buflen < size_needed)
pascal@12445	20 {
pascal@12445	21 + *status = NSS_STATUS_TRYAGAIN;
pascal@12445	22 if (h_errnop != NULL)
pascal@12445	23 - *h_errnop = TRY_AGAIN;
pascal@12445	24 + *h_errnop = NETDB_INTERNAL;
pascal@12445	25 __set_errno (ERANGE);
pascal@12445	26 goto done;
pascal@12445	27 }
pascal@12447	28 @@ -110,7 +114,7 @@
pascal@12445	29 *buffer_size = 0;
pascal@12445	30 __set_errno (save);
pascal@12445	31 if (h_errnop != NULL)
pascal@12445	32 - *h_errnop = TRY_AGAIN;
pascal@12445	33 + *h_errnop = NETDB_INTERNAL;
pascal@12445	34 *result = NULL;
pascal@12445	35 goto done;
pascal@12445	36 }
pascal@12447	37 @@ -150,7 +154,9 @@
pascal@12445	38 if (! ok)
pascal@12445	39 {
pascal@12445	40 *h_errnop = HOST_NOT_FOUND;
pascal@12445	41 - if (buffer_size)
pascal@12445	42 + if (buffer_size == NULL)
pascal@12446	43 + *status = NSS_STATUS_NOTFOUND;
pascal@12445	44 + else
pascal@12445	45 *result = NULL;
pascal@12445	46 goto done;
pascal@12445	47 }
pascal@12447	48 @@ -202,15 +208,6 @@
pascal@12445	49
pascal@12445	50 if ((isxdigit (name[0]) && strchr (name, ':') != NULL) \|\| name[0] == ':')
pascal@12445	51 {
pascal@12445	52 - const char *cp;
pascal@12445	53 - char *hostname;
pascal@12445	54 - typedef unsigned char host_addr_t[16];
pascal@12445	55 - host_addr_t *host_addr;
pascal@12445	56 - typedef char *host_addr_list_t[2];
pascal@12445	57 - host_addr_list_t *h_addr_ptrs;
pascal@12445	58 - size_t size_needed;
pascal@12445	59 - int addr_size;
pascal@12445	60 -
pascal@12445	61 switch (af)
pascal@12445	62 {
pascal@12445	63 default:
pascal@12447	64 @@ -226,7 +223,10 @@
pascal@12445	65 /* This is not possible. We cannot represent an IPv6 address
pascal@12445	66 in an `struct in_addr' variable. */
pascal@12445	67 *h_errnop = HOST_NOT_FOUND;
pascal@12445	68 - *result = NULL;
pascal@12445	69 + if (buffer_size == NULL)
pascal@12445	70 + *status = NSS_STATUS_NOTFOUND;
pascal@12445	71 + else
pascal@12445	72 + *result = NULL;
pascal@12445	73 goto done;
pascal@12445	74
pascal@12445	75 case AF_INET6:
pascal@12447	76 @@ -234,42 +234,6 @@
pascal@12445	77 break;
pascal@12445	78 }
pascal@12445	79
pascal@12445	80 - size_needed = (sizeof (*host_addr)
pascal@12445	81 - + sizeof (*h_addr_ptrs) + strlen (name) + 1);
pascal@12445	82 -
pascal@12445	83 - if (buffer_size == NULL && buflen < size_needed)
pascal@12445	84 - {
pascal@12445	85 - if (h_errnop != NULL)
pascal@12445	86 - *h_errnop = TRY_AGAIN;
pascal@12445	87 - __set_errno (ERANGE);
pascal@12445	88 - goto done;
pascal@12445	89 - }
pascal@12445	90 - else if (buffer_size != NULL && *buffer_size < size_needed)
pascal@12445	91 - {
pascal@12445	92 - char *new_buf;
pascal@12445	93 - *buffer_size = size_needed;
pascal@12445	94 - new_buf = realloc (buffer, buffer_size);
pascal@12445	95 -
pascal@12445	96 - if (new_buf == NULL)
pascal@12445	97 - {
pascal@12445	98 - save = errno;
pascal@12445	99 - free (*buffer);
pascal@12445	100 - __set_errno (save);
pascal@12445	101 - *buffer = NULL;
pascal@12445	102 - *buffer_size = 0;
pascal@12445	103 - *result = NULL;
pascal@12445	104 - goto done;
pascal@12445	105 - }
pascal@12445	106 - *buffer = new_buf;
pascal@12445	107 - }
pascal@12445	108 -
pascal@12445	109 - memset (*buffer, '\0', size_needed);
pascal@12445	110 -
pascal@12445	111 - host_addr = (host_addr_t ) buffer;
pascal@12445	112 - h_addr_ptrs = (host_addr_list_t *)
pascal@12445	113 - ((char ) host_addr + sizeof (host_addr));
pascal@12445	114 - hostname = (char ) h_addr_ptrs + sizeof (h_addr_ptrs);
pascal@12445	115 -
pascal@12445	116 for (cp = name;; ++cp)
pascal@12445	117 {
pascal@12445	118 if (!*cp)
pascal@12447	119 @@ -282,7 +246,9 @@
pascal@12445	120 if (inet_pton (AF_INET6, name, host_addr) <= 0)
pascal@12445	121 {
pascal@12445	122 *h_errnop = HOST_NOT_FOUND;
pascal@12445	123 - if (buffer_size)
pascal@12445	124 + if (buffer_size == NULL)
pascal@12446	125 + *status = NSS_STATUS_NOTFOUND;
pascal@12445	126 + else
pascal@12445	127 *result = NULL;
pascal@12445	128 goto done;
pascal@12445	129 }

SliTaz Repositories

wok-stable annotate glibc/stuff/glibc-2.13-CVE-2015-0235.patch @ rev 12447